package com.example.shiro_springboot.config;

import at.pollux.thymeleaf.shiro.dialect.ShiroDialect;
import com.example.shiro_springboot.realm.MyRealm;
import net.sf.ehcache.CacheManager;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.cache.ehcache.EhCacheManager;
import org.apache.shiro.io.ResourceUtils;
import org.apache.shiro.spring.web.config.DefaultShiroFilterChainDefinition;
import org.apache.shiro.web.mgt.CookieRememberMeManager;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.servlet.SimpleCookie;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.io.IOException;
import java.io.InputStream;

@Configuration
public class ShiroConfig {
    @Autowired
    private MyRealm myRealm;

    @Bean
    public DefaultWebSecurityManager defaultWebSecurityManager(){
        //1.创建securityManager
        DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager();
        //2.创建加密对象，设置相关属性
        HashedCredentialsMatcher matcher = new HashedCredentialsMatcher();
        // 2.1 采用md5加密
        matcher.setHashAlgorithmName("md5");
        // 2.2 设置加密次数
        matcher.setHashIterations(3);
        //3.将加密对象存储到myRealm中
        myRealm.setCredentialsMatcher(matcher);
        //4.将myRealm设置到defaultWebSecurityManager中
        defaultWebSecurityManager.setRealm(myRealm);
        //4.5设置rememberMe
        defaultWebSecurityManager.setRememberMeManager(rememberMeManager());
        //4.6设置缓存管理器
        defaultWebSecurityManager.setCacheManager(getEhCacheManager());
        //5.返回securityManager
        return defaultWebSecurityManager;
    }
//    缓存管理器
    private EhCacheManager getEhCacheManager() {
        EhCacheManager ehCacheManager=new EhCacheManager();
        InputStream is=null;
        try {
            is = ResourceUtils.getInputStreamForPath("classpath:ehcache/ehcache-shiro.xml");
        } catch (IOException e) {
            e.printStackTrace();
        }
        CacheManager cacheManager = new CacheManager(is);

        ehCacheManager.setCacheManager(cacheManager);
        return ehCacheManager;
    }

    // cookie属性设置
    public SimpleCookie rememberMeCookie(){
        SimpleCookie cookie = new SimpleCookie("rememberMe");
        cookie.setPath("/");
        cookie.setHttpOnly(true);
        cookie.setMaxAge(30*24*60*60);
        return cookie;
    }
    // 创建shiro的cookie管理对象
    private CookieRememberMeManager rememberMeManager() {
        CookieRememberMeManager cookieRememberMeManager = new CookieRememberMeManager();
        cookieRememberMeManager.setCookie(rememberMeCookie());
        cookieRememberMeManager.setCipherKey("1234567890987654".getBytes());
        return cookieRememberMeManager;
    }

    // 配置shiro内置过滤器拦截范围
    @Bean
    public DefaultShiroFilterChainDefinition shiroFilterChainDefinition(){
        DefaultShiroFilterChainDefinition chainDefinition = new DefaultShiroFilterChainDefinition();
        // 设置放行范围
        chainDefinition.addPathDefinition("/myController/userLogin", "anon");
        chainDefinition.addPathDefinition("/login", "anon");
        // 设置需要认证的拦截范围
        chainDefinition.addPathDefinition("/**", "authc");
        // 添加存在用户的过滤器
        chainDefinition.addPathDefinition("/**", "user");
        // 配置登出过滤器
        chainDefinition.addPathDefinition("/logout", "logout");

        return chainDefinition;
    }
    @Bean
    public ShiroDialect shiroDialect(){
        return new ShiroDialect();
    }
}
